<?php
session_start();
if($_SERVER['REQUEST_METHOD'] != "POST") {
//if(!isset($_POST['submit'])){
    exit('非法访问!');
}
//修改密码成功
if($_GET['op'] == "success"){
    //echo '注销登录成功！点击此处 <a href="index.php">登录</a>';
    echo "<script language=\"JavaScript\">alert(\"修改密码成功\");</script>"; 
    exit;
}elseif($_GET['op'] == "fail"){
	echo "<script language=\"JavaScript\">alert(\"抱歉！修改密码失败\");</script>"; 
    exit;
}

if(is_null($_SESSION['username'])||$_SESSION['username']==""){
exit('非法访问!');
}
$initPass = $_POST['initPass'];
$newPass = $_POST['newPass'];
$username=$_SESSION['username'];
$initPass = MD5($initPass);
//包含数据库连接文件
include('system/db/conn.php');
//检测用户名是否已经存在
$check_query = mysql_query("select id from do_supplier_account where account_name='$username' and account_password='$initPass' limit 1");
if(!mysql_fetch_array($check_query)){
     header('location:shop-pass.php?op=fail');
    exit;
}
//修改密码
$newPass = MD5($newPass);
$sql = "update do_supplier_account set account_password='$newPass' where account_name='$username' ";
if(mysql_query($sql,$conn)){
	//echo "修改密码成功";
	header('location:shop-pass.php?op=success');
	//echo "<script language=\"JavaScript\">alert(\"修改密码成功\");</script>"; 
	exit;
} else {
	header('location:shop-pass.php?op=fail');
    //echo '抱歉！修改密码失败：',mysql_error(),'<br />';
    //echo '点击此处 <a href="javascript:history.back(-1);">返回</a> 重试';
    exit;
}
?>